<?php
class hanzaclass {

	function hanzaclass() {
		global $setupdata, $mysqlclass, $paymentclass;
		$this->setupdata=$setupdata;
		$this->mysqlclass=$mysqlclass;
		$this->paymentclass=$paymentclass;
	}

	function send_order_to_gateway($data, $post, $id){
		$post['order_amount'] = $this->paymentclass->amount_convert($post['order_amount'], $data['VK_CURR']);
		$data['VK_REF'] = $id;
		$data['VK_SERVICE'] = "1001";
		$data['VK_VERSION'] = "008";
		$data['VK_PANK'] = "73000";
		$data['VK_RETURN'] = $this->setupdata['base_href']."/index.php?module=payment&gateway=hanza&act=return";
		$data['VK_STAMP'] = $post['order_id'];
		$data['VK_AMOUNT'] = $post['order_amount'];
		$data['VK_MSG'] = $post['mess']." (".$data['VK_STAMP'].")";
		$data['VK_DATA'] = $this->get_post_data_string($data);
		$data['VK_MAC'] = $this->get_mac($data);
		if (isset($data['target'])) $data['TARGET'] = $data['target'];
		else $data['TARGET'] = "_hanza";
		if (!isset($data['PayURL']) || ($data['PayURL'] == "")) $data['PayURL'] = "https://lt.hanza.net/cgi-bin/lip/pangalink.jsp";
		
		if ($data['VK_AMOUNT'] != 0){
			print_r('
				<html>
					<head> 
					<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
					<title>HANZA</title> 
					<script type="text/javascript"> 
					function init(){ 
					   document.forms["payment"].submit();     
					} 
					</script> 
					</head> 
				<body onload="init();"> 
				<form name="payment" method="POST" action="'.$data['PayURL'].'" target="'.$data['TARGET'].'">
				<input type="hidden" name="VK_SERVICE" value="'.$data['VK_SERVICE'].'">
				<input type="hidden" name="VK_VERSION" value="'.$data['VK_VERSION'].'">
				<input type="hidden" name="VK_SND_ID" value="'.$data['VK_SND_ID'].'">
				<input type="hidden" name="VK_STAMP" value="'.$data['VK_STAMP'].'">
				<input type="hidden" name="VK_AMOUNT" value="'.$data['VK_AMOUNT'].'">
				<input type="hidden" name="VK_CURR" value="'.$data['VK_CURR'].'">
				<input type="hidden" name="VK_ACC" value="'.$data['VK_ACC'].'">
				<input type="hidden" name="VK_PANK" value="'.$data['VK_PANK'].'">
				<input type="hidden" name="VK_NAME" value="'.$data['VK_NAME'].'">
				<input type="hidden" name="VK_REF" value="'.$data['VK_REF'].'">
				<input type="hidden" name="VK_MSG" value="'.$data['VK_MSG'].'">
				<input type="hidden" name="VK_DATA" value="'.$data['VK_DATA'].'">
				<input type="hidden" name="VK_MAC" value="'.$data['VK_MAC'].'">
				<input type="hidden" name="VK_RETURN" value="'.$data['VK_RETURN'].'">
				<input type="hidden" name="VK_LANG" value="'.$data['VK_LANG'].'">
				</form>
				<script language="javascript1.4" type="text/javascript">document.payment.submit();</script>
			');
		} else {
			echo "Shop cart is empty.";
		}
		$this->mysqlclass->close_db();
		die();
	}
	
	function get_post_data_string($data){
		$result = substr("000".strlen($data['VK_SERVICE']),-3).$data['VK_SERVICE']
		.substr("000".strlen($data['VK_VERSION']),-3).$data['VK_VERSION']
		.substr("000".strlen($data['VK_SND_ID']),-3).$data['VK_SND_ID']
		.substr("000".strlen($data['VK_STAMP']),-3).$data['VK_STAMP']
		.substr("000".strlen($data['VK_AMOUNT']),-3).$data['VK_AMOUNT']
		.substr("000".strlen($data['VK_CURR']),-3).$data['VK_CURR']
		.substr("000".strlen($data['VK_ACC']),-3).$data['VK_ACC']
		.substr("000".strlen($data['VK_PANK']),-3).$data['VK_PANK']
		.substr("000".strlen($data['VK_NAME']),-3).$data['VK_NAME']
		.substr("000".strlen($data['VK_REF']),-3).$data['VK_REF']
		.substr("000".strlen($data['VK_MSG']),-3).$data['VK_MSG'];
		return $result;
	}
	
	function get_mac($data){
		$str = $this->get_post_data_string($data);
		$data = $this->paymentclass->get_gateway_data('hanza');
		$priv_key = $data['KEY_PRIV'];
		if (strlen($data['VK_PASS']) > 0) $pkeyid = openssl_get_privatekey($priv_key, $data['VK_PASS']);
		else $pkeyid = openssl_get_privatekey($priv_key);
		if ($pkeyid !== FALSE) {
			if (openssl_sign($str, $signature, $pkeyid) === FALSE) $signature = "";
			openssl_free_key($pkeyid); 
			$signature=base64_encode($signature);
		} else $signature = "";
		unset($data);
		return $signature;
	}
	
	function verify_get($string, $signature){
		$data = $this->paymentclass->get_gateway_data('hanza');		
		$pubkeyid = openssl_pkey_get_public($data['KEY_PUBL']);
		if ($pkeyid !== FALSE) {
			$signature = base64_decode($signature);
			$result = openssl_verify($string, $signature, $pubkeyid);
			openssl_free_key($pubkeyid); 
		} else $result = 0;
		unset($data);
		return $result;
	}
	
	function post_data_string($servise, $data){
		if ($servise == '1101') {
			$result = substr("000".strlen($data['VK_SERVICE']),-3).$data['VK_SERVICE']
				.substr("000".strlen($data['VK_VERSION']),-3).$data['VK_VERSION']
				.substr("000".strlen($data['VK_SND_ID']),-3).$data['VK_SND_ID']
				.substr("000".strlen($data['VK_REC_ID']),-3).$data['VK_REC_ID']
				.substr("000".strlen($data['VK_STAMP']),-3).$data['VK_STAMP']
				.substr("000".strlen($data['VK_T_NO']),-3).$data['VK_T_NO']
				.substr("000".strlen($data['VK_AMOUNT']),-3).$data['VK_AMOUNT']
				.substr("000".strlen($data['VK_CURR']),-3).$data['VK_CURR']
				.substr("000".strlen($data['VK_REC_ACC']),-3).$data['VK_REC_ACC']
				.substr("000".strlen($data['VK_REC_NAME']),-3).$data['VK_REC_NAME']
				.substr("000".strlen($data['VK_SND_ACC']),-3).$data['VK_SND_ACC']
				.substr("000".strlen($data['VK_SND_NAME']),-3).$data['VK_SND_NAME']
				.substr("000".strlen($data['VK_REF']),-3).$data['VK_REF']
				.substr("000".strlen($data['VK_MSG']),-3).$data['VK_MSG']
				.substr("000".strlen($data['VK_T_DATE']),-3).$data['VK_T_DATE'];
			return $result;
		} elseif ($servise == '1901') {
			$result = substr("000".strlen($data['VK_SERVICE']),-3).$data['VK_SERVICE']
				.substr("000".strlen($data['VK_VERSION']),-3).$data['VK_VERSION']
				.substr("000".strlen($data['VK_SND_ID']),-3).$data['VK_SND_ID']
				.substr("000".strlen($data['VK_REC_ID']),-3).$data['VK_REC_ID']
				.substr("000".strlen($data['VK_STAMP']),-3).$data['VK_STAMP']
				.substr("000".strlen($data['VK_REF']),-3).$data['VK_REF']
				.substr("000".strlen($data['VK_MSG']),-3).$data['VK_MSG'];
			return $result;
		}
	}

	function return_order($post){
		if (isset($post['VK_MAC']) && isset($post['VK_SERVICE']) && isset($post['VK_REF']) && ($post['VK_SERVICE']=='1101') || ($post['VK_SERVICE']=='1901')){
			$string = $this->post_data_string($post['VK_SERVICE'], $post);
			$result = $this->verify_get($string, $post['VK_MAC']);
			if ($result == 1) {
				if ($post['VK_SERVICE'] == 1901) $status = 'notpay';
				elseif ($post['VK_SERVICE'] == 1101) $status = 'pay';
				else $status = 'error';
			} else {
				$status = 'error';
			}
			$this->paymentclass->set_invoice_status($post['VK_REF'], $status);
			return $status;
		}
	}
}
?>